Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/702BAEE858AA11F0AE7EFB8BDAE4EC9C.roa
File:                     702BAEE858AA11F0AE7EFB8BDAE4EC9C.roa (raw, json)
Hash identifier:          HZftb7SkoPVv8c3p79wmuz6GJ/7AyE9u3ys6HyH6VV8=
Subject key identifier:   C4:EF:7E:ED:D7:CA:E7:ED:98:92:12:DA:78:A6:31:27:00:EC:DD:97
Certificate issuer:       /CN=F3614659AF/serialNumber=60A0E5D1AC66C8AE3B7C9E6A8EF5BC04B8BBB88E
Certificate serial:       06B7
Authority key identifier: 60:A0:E5:D1:AC:66:C8:AE:3B:7C:9E:6A:8E:F5:BC:04:B8:BB:B8:8E
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/YKDl0axmyK47fJ5qjvW8BLi7uI4.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/702BAEE858AA11F0AE7EFB8BDAE4EC9C.roa
Signing time:             Fri 04 Jul 2025 07:42:30 +0000
ROA not before:           Fri 04 Jul 2025 07:42:25 +0000
ROA not after:            Thu 04 Jul 2030 07:42:25 +0000
asID:                     209179
IP address blocks:        102.215.224.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/YKDl0axmyK47fJ5qjvW8BLi7uI4.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/YKDl0axmyK47fJ5qjvW8BLi7uI4.mft
                          rsync://rpki.afrinic.net/repository/afrinic/YKDl0axmyK47fJ5qjvW8BLi7uI4.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 29 Jul 2025 00:06:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1719 (0x6b7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3614659AF, serialNumber=60A0E5D1AC66C8AE3B7C9E6A8EF5BC04B8BBB88E
        Validity
            Not Before: Jul  4 07:42:25 2025 GMT
            Not After : Jul  4 07:42:25 2030 GMT
        Subject: CN=686785e6-da7a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:27:76:cd:c6:16:b7:8d:7d:e7:96:35:fb:dc:
                    9e:fa:1e:22:d8:ce:78:ab:ce:40:46:14:d6:58:a2:
                    43:cc:1a:c6:58:6a:b6:18:3b:1e:bf:88:e4:84:d0:
                    d9:93:a5:8d:eb:5e:bb:32:f8:d9:80:9d:a6:07:a9:
                    38:5d:97:4a:de:62:32:85:4f:b5:75:65:d1:04:7a:
                    d3:d6:3c:bb:eb:46:5b:71:e6:fb:f4:75:d5:95:61:
                    93:04:29:c6:56:9a:a1:d0:e9:ad:54:87:8d:3f:a0:
                    10:6e:8c:74:2c:2a:bb:53:f2:7a:fc:95:8c:36:dd:
                    95:b4:b3:eb:a8:dd:c0:6b:72:60:61:78:6d:58:1f:
                    cf:9b:3a:c5:40:b9:f5:e1:63:56:c8:63:9c:58:45:
                    f7:68:ad:5e:27:31:60:88:63:1d:ff:17:67:11:23:
                    c4:d1:19:a2:6e:d1:a7:57:74:6a:cd:68:77:95:85:
                    26:e3:f8:54:61:8c:03:f7:20:86:3a:ee:e0:06:9c:
                    87:9a:ec:ea:b5:52:d8:58:cf:84:fb:69:90:4b:24:
                    00:db:c6:55:87:c9:ed:5d:82:da:4b:5c:ab:b3:f9:
                    5b:07:b2:66:24:ff:53:59:0f:6b:d8:1c:14:0d:0c:
                    f4:0e:94:39:5a:b3:ec:ab:59:54:36:f7:ff:72:d7:
                    9c:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:EF:7E:ED:D7:CA:E7:ED:98:92:12:DA:78:A6:31:27:00:EC:DD:97
            X509v3 Authority Key Identifier:
                keyid:60:A0:E5:D1:AC:66:C8:AE:3B:7C:9E:6A:8E:F5:BC:04:B8:BB:B8:8E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/YKDl0axmyK47fJ5qjvW8BLi7uI4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/YKDl0axmyK47fJ5qjvW8BLi7uI4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/702BAEE858AA11F0AE7EFB8BDAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.215.224.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:da:5d:3d:e5:8a:f2:f5:47:bf:e6:fd:1f:ce:74:c5:e1:48:
         a4:79:a7:94:0c:d2:17:89:eb:46:94:29:37:1b:1f:1f:bb:54:
         71:31:ee:02:f8:ac:4e:81:9b:f4:c7:9c:aa:60:39:ba:39:da:
         80:5b:8a:5b:d0:10:db:25:8e:1e:24:9f:56:86:f2:95:10:2e:
         cc:91:f7:fc:20:0a:24:09:49:63:48:cb:9c:d7:bf:f6:6d:c8:
         35:63:ef:53:8a:21:f1:a6:2b:0f:70:4c:ee:cb:7b:70:a5:46:
         15:0a:19:43:23:1d:96:f7:5a:bd:86:2a:8b:82:7a:2b:44:23:
         e4:e2:6d:19:91:27:8c:f3:4d:0a:88:d9:92:a0:1c:92:3e:da:
         3d:02:7b:e7:49:80:b7:d1:ac:04:d2:72:36:7c:02:03:c9:9f:
         fc:43:bc:e9:61:ba:17:46:53:0d:71:4f:66:66:71:cc:94:73:
         e1:1f:42:1b:01:38:96:c2:3c:a9:9b:6f:19:f0:14:fd:cf:6e:
         f1:75:69:b2:b0:a8:6d:1a:ee:05:d6:26:ab:dc:e2:94:25:d6:
         85:34:03:89:71:bf:03:61:79:5c:61:6a:0b:ee:2e:ec:b7:eb:
         27:4f:c0:09:ae:7a:96:f5:4e:a1:65:42:f1:0e:f3:a6:8b:b9:
         d7:8f:f8:b6
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBrcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MTQ2NTlBRjExMC8GA1UEBRMoNjBBMEU1RDFBQzY2QzhBRTNCN0M5RTZBOEVGNUJD
MDRCOEJCQjg4RTAeFw0yNTA3MDQwNzQyMjVaFw0zMDA3MDQwNzQyMjVaMBgxFjAU
BgNVBAMTDTY4Njc4NWU2LWRhN2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDAJ3bNxha3jX3nljX73J76HiLYznirzkBGFNZYokPMGsZYarYYOx6/iOSE
0NmTpY3rXrsy+NmAnaYHqThdl0reYjKFT7V1ZdEEetPWPLvrRltx5vv0ddWVYZME
KcZWmqHQ6a1Uh40/oBBujHQsKrtT8nr8lYw23ZW0s+uo3cBrcmBheG1YH8+bOsVA
ufXhY1bIY5xYRfdorV4nMWCIYx3/F2cRI8TRGaJu0adXdGrNaHeVhSbj+FRhjAP3
IIY67uAGnIea7Oq1UthYz4T7aZBLJADbxlWHye1dgtpLXKuz+VsHsmYk/1NZD2vY
HBQNDPQOlDlas+yrWVQ29/9y15xhAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUxO9+
7dfK5+2YkhLaeKYxJwDs3ZcwHwYDVR0jBBgwFoAUYKDl0axmyK47fJ5qjvW8BLi7
uI4wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjE0NjU5LzY2NTZERTc0NkRGODExRUNCQ0MyMTA3NjVBNDBENTc3L1lLRGww
YXhteUs0N2ZKNXFqdlc4QkxpN3VJNC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1lLRGwwYXhteUs0N2ZKNXFqdlc4QkxpN3VJNC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjE0NjU5LzY2NTZERTc0NkRGODExRUNCQ0MyMTA3NjVB
NDBENTc3LzcwMkJBRUU4NThBQTExRjBBRTdFRkI4QkRBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm1+AwDQYJKoZIhvcNAQEL
BQADggEBAFraXT3livL1R7/m/R/OdMXhSKR5p5QM0heJ60aUKTcbHx+7VHEx7gL4
rE6Bm/THnKpgObo52oBbilvQENsljh4kn1aG8pUQLsyR9/wgCiQJSWNIy5zXv/Zt
yDVj71OKIfGmKw9wTO7Le3ClRhUKGUMjHZb3Wr2GKouCeitEI+TibRmRJ4zzTQqI
2ZKgHJI+2j0Ce+dJgLfRrATScjZ8AgPJn/xDvOlhuhdGUw1xT2ZmccyUc+EfQhsB
OJbCPKmbbxnwFP3PbvF1abKwqG0a7gXWJqvc4pQl1oU0A4lxvwNheVxhagvuLuy3
6ydPwAmuepb1TqFlQvEO86aLudeP+LY=
-----END CERTIFICATE-----